summaryrefslogtreecommitdiff
path: root/src/ostree/ot-builtin-summary.c
diff options
context:
space:
mode:
authorDan Nicholson <nicholson@endlessm.com>2019-10-15 11:55:22 -0600
committerDan Nicholson <dbn@endlessos.org>2023-02-07 14:50:47 -0700
commit582d7071d2d56c6250e5b338df8c403a9917856e (patch)
treef62d9f60a1c89b8c5485b08ab49e2765c6f841f9 /src/ostree/ot-builtin-summary.c
parent1384267973de3908f5b29f5783b31ab3a7264be1 (diff)
downloadostree-582d7071d2d56c6250e5b338df8c403a9917856e.tar.gz
bin/summary: Use ostree_repo_regenerate_metadata
Call `ostree_repo_regenerate_metadata` with the provided GPG and sign keys to generate and sign the summary in one call. This changes the handling when GPGME support is disabled but GPG keys are supplied. Instead of silently ignoring the option, it will now error. IMO that's better as callers would otherwise not know that the summary is not GPG signed.
Diffstat (limited to 'src/ostree/ot-builtin-summary.c')
-rw-r--r--src/ostree/ot-builtin-summary.c65
1 files changed, 27 insertions, 38 deletions
diff --git a/src/ostree/ot-builtin-summary.c b/src/ostree/ot-builtin-summary.c
index 2d6306a4..219af604 100644
--- a/src/ostree/ot-builtin-summary.c
+++ b/src/ostree/ot-builtin-summary.c
@@ -223,50 +223,39 @@ ostree_builtin_summary (int argc, char **argv, OstreeCommandInvocation *invocati
return FALSE;
}
- /* Regenerate and sign the conventional summary file. */
- if (!ostree_repo_regenerate_summary (repo, additional_metadata, cancellable, error))
- return FALSE;
-
-#ifndef OSTREE_DISABLE_GPGME
- if (opt_gpg_key_ids)
- {
- if (!ostree_repo_add_gpg_signature_summary (repo,
- (const gchar **) opt_gpg_key_ids,
- opt_gpg_homedir,
- cancellable,
- error))
- return FALSE;
- }
-#endif
- if (opt_key_ids)
+ /* Regenerate and sign the repo metadata. */
+ g_auto(GVariantBuilder) metadata_opts_builder = G_VARIANT_BUILDER_INIT (G_VARIANT_TYPE_VARDICT);
+ g_autoptr(GVariant) metadata_opts = NULL;
+ if (opt_gpg_key_ids != NULL)
+ g_variant_builder_add (&metadata_opts_builder, "{sv}", "gpg-key-ids",
+ g_variant_new_strv ((const char * const *) opt_gpg_key_ids, -1));
+ if (opt_gpg_homedir != NULL)
+ g_variant_builder_add (&metadata_opts_builder, "{sv}", "gpg-homedir",
+ g_variant_new_string (opt_gpg_homedir));
+ if (opt_key_ids != NULL)
{
- g_autoptr (GVariant) secret_keys = NULL;
- g_autoptr (GVariantBuilder) sk_builder = NULL;
-
- sk_builder = g_variant_builder_new (G_VARIANT_TYPE_ARRAY);
+ g_auto(GVariantBuilder) sk_builder = G_VARIANT_BUILDER_INIT (G_VARIANT_TYPE_ARRAY);
- char **iter;
- for (iter = opt_key_ids; iter && *iter; iter++)
+ /* Currently only strings are used as keys for supported
+ * signature types. */
+ for (const char * const *iter = (const char * const *) opt_key_ids;
+ iter != NULL && *iter != NULL; iter++)
{
- const char *keyid = *iter;
- GVariant *secret_key = NULL;
-
- /* Currently only strings are used as keys
- * for supported signature types */
- secret_key = g_variant_new_string (keyid);
-
- g_variant_builder_add (sk_builder, "v", secret_key);
+ const char *key_id = *iter;
+ g_variant_builder_add (&sk_builder, "v", g_variant_new_string (key_id));
}
- secret_keys = g_variant_builder_end (sk_builder);
-
- if (! ostree_sign_summary (sign,
- repo,
- secret_keys,
- cancellable,
- error))
- return FALSE;
+ g_variant_builder_add (&metadata_opts_builder, "{sv}", "sign-keys",
+ g_variant_builder_end (&sk_builder));
}
+ if (opt_sign_name != NULL)
+ g_variant_builder_add (&metadata_opts_builder, "{sv}", "sign-type",
+ g_variant_new_string (opt_sign_name));
+
+ metadata_opts = g_variant_ref_sink (g_variant_builder_end (&metadata_opts_builder));
+ if (!ostree_repo_regenerate_metadata (repo, additional_metadata, metadata_opts,
+ cancellable, error))
+ return FALSE;
}
else if (opt_view || opt_raw)
{
View Lorry Controller Status